Cross-site scripting (XSS) vulnerability in webevent.cgi in WebEvent 2.61 up to and including 4.03 allows remote malicious users to inject arbitrary web script or HTML via the cmd parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webevents webevents 2.61 |
||
webevents webevents 2.7 |
||
webevents webevents 2.71 |
||
webevents webevents 2.72 |
||
webevents webevents 4.03 |